선 밖에 선 자유인
Security Onion's Elasticsearch ships with the JVM heap option set to 600m by default, so once you run network packet capture and similar workloads the following heap OutOfMemory error can occur:

```
java.lang.OutOfMemoryError: Java heap space
Dumping heap to java_pid1.hprof ...
```

Connect to the so-elasticsearch container and adjust the JVM options:

```
NSM# docker exec -it so-elasticsearch /bin/bash
bash-4.2$ cd config
bash-4.2$ ls
custom  elasticsearch.keystore  elasticsearch.yml  elasticsearch.yml.bak  inge..
```
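Two caveats a practitioner would add to the procedure above. First, a file edited inside the running container is lost as soon as the container is recreated, so the heap setting has to live in the host-side config the container mounts. Second, pick the value from the machine's RAM rather than by trial: Elasticsearch's guidance is to set -Xms and -Xmx to the same value, no more than half of physical memory and below roughly 31g so the JVM keeps compressed object pointers. The play below is an added example (not from the blog post) that applies both; the jvm.options path and the so-elasticsearch-restart helper are assumptions to adjust for your Security Onion version.

```yaml
# Added example, not the blog's own play: size the Elasticsearch heap from
# the sensor's RAM instead of the 600m default.
# Assumptions (not facts from the post): the jvm.options file the container
# mounts lives at es_jvm_options, and so-elasticsearch-restart exists on the host.
---
- name: Size Elasticsearch heap on a Security Onion sensor
  hosts: nsm
  become: yes
  vars:
    es_jvm_options: /etc/elasticsearch/jvm.options     # assumed host-side path
    # Elasticsearch guidance: heap <= 50% of RAM and below ~31g so the JVM
    # keeps compressed object pointers.
    es_heap_cap_mb: 31744
    es_heap_mb: "{{ [ (ansible_memtotal_mb // 2), es_heap_cap_mb ] | min }}"
  tasks:
    - name: Refuse to run on a box with too little memory for a sensor
      assert:
        that: es_heap_mb | int >= 1024
        fail_msg: "Only {{ ansible_memtotal_mb }} MB RAM; heap would be {{ es_heap_mb }} MB"

    - name: Set -Xms and -Xmx to the same value (keeps a backup of the original file)
      lineinfile:
        path: "{{ es_jvm_options }}"
        regexp: '^-{{ item }}\d+[mMgG]$'
        line: "-{{ item }}{{ es_heap_mb }}m"
        backup: yes
      loop: [Xms, Xmx]
      notify: restart elasticsearch

    # Restart now rather than at the end of the play, so the check below
    # sees the new process.
    - meta: flush_handlers

    - name: Read the heap flags of the Java process actually running in the container
      shell: >
        docker exec so-elasticsearch sh -c
        "cat /proc/[0-9]*/cmdline | tr '\0' ' ' | grep -o -- '-Xm[sx][0-9]*[mMgG]' | sort -u"
      register: es_heap_flags
      changed_when: false

    - debug:
        msg: "Running Elasticsearch heap flags: {{ es_heap_flags.stdout_lines }}"

  handlers:
    - name: restart elasticsearch
      command: so-elasticsearch-restart   # assumed Security Onion helper
```

The final task is the check that matters: it reads the flags from the live process rather than from the file, so a restart that silently failed, or a config file the container does not actually mount, shows up immediately.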
Example of installing the latest Chrome on Windows and Ubuntu clients (the standard package modules such as apt or win_package often do not behave as expected in this situation...)

```yaml
---
- name: Chrome Install
  hosts: all
  user: ansible
  become: yes   # note: the default sudo become method fails on Windows hosts; Windows needs become_method: runas
  #gather_facts: no
  tasks:
    - name: create directory Windows
      win_file:
        path: C:\Temp
        state: directory
      when: ansible_facts['os_family'] == "Windows"
    - name: Chrome setup file copy (Windows)
      win_copy:
        src: /home/ansible/lab/ChromeSetu..
```
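The excerpt above copies a pre-staged installer to the client and runs it. The step I would not leave out when an installer is executed with admin rights is checking what was fetched before running it. The play below is an added example (mine, not the blog's playbook) that fetches Chrome from Google's own stable-channel URLs, verifies the Windows installer's Authenticode signature before execution, and on Debian/Ubuntu lets apt verify the package against Google's signing key. The download URLs and the signer subject "O=Google LLC" are the values Google uses at the time of writing and are assumptions to re-check.

```yaml
# Added example, not the blog's own play: install current Chrome on Windows
# and Debian/Ubuntu clients, checking the download before it runs as admin.
# Assumptions: Google's stable-channel download URLs below, and "O=Google LLC"
# as the Authenticode signer subject (re-check if Google rotates its certificate).
---
- name: Install Google Chrome (verified)
  hosts: all
  user: ansible
  tasks:
    - name: Windows clients
      when: ansible_facts['os_family'] == "Windows"
      block:
        - name: Staging directory
          win_file:
            path: C:\Temp
            state: directory

        - name: Download the stable-channel installer
          win_get_url:
            url: https://dl.google.com/chrome/install/latest/chrome_installer.exe
            dest: C:\Temp\chrome_installer.exe
            force: yes

        - name: Read the Authenticode signature of the downloaded file
          win_shell: |
            $s = Get-AuthenticodeSignature -FilePath C:\Temp\chrome_installer.exe
            "$($s.Status)|$($s.SignerCertificate.Subject)"
          register: chrome_sig
          changed_when: false

        - name: Refuse to run an installer that is unsigned or not signed by Google
          assert:
            that:
              - chrome_sig.stdout.startswith('Valid|')
              - "'O=Google LLC' in chrome_sig.stdout"
            fail_msg: "Signature check failed: {{ chrome_sig.stdout | trim }}"

        - name: Run the installer silently (skipped if Chrome is already installed)
          win_command: C:\Temp\chrome_installer.exe /silent /install
          args:
            creates: C:\Program Files\Google\Chrome\Application\chrome.exe   # 64-bit install path; adjust on 32-bit Windows

        - name: Remove the installer
          win_file:
            path: C:\Temp\chrome_installer.exe
            state: absent

    - name: Debian/Ubuntu clients
      when: ansible_facts['os_family'] == "Debian"
      become: yes
      block:
        - name: Google's package signing key
          apt_key:
            url: https://dl.google.com/linux/linux_signing_key.pub
            state: present

        - name: Google's Chrome repository (apt verifies packages against the key above)
          apt_repository:
            repo: deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main
            filename: google-chrome
            state: present

        - name: Install or update google-chrome-stable
          apt:
            name: google-chrome-stable
            state: latest
            update_cache: yes
```

Facts must be gathered for the os_family conditions to work, so gather_facts stays on. The assert fails the host rather than the whole run, so a client that served a tampered or unsigned file drops out while the rest continue.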
Web-based open-source database management tool (OmniDB): https://github.com/OmniDB/OmniDB https://omnidb.org/en/
FireEye's compromise-analysis tool Redline 2.0 was released (2020.04.28); it adds artifact collection for macOS and Linux. https://www.fireeye.com/services/freeware/redline.html Redline is a free utility that accelerates the triage of hosts suspected of being compromised or infected while supporting in-depth live memory analysis.
```yaml
---
- name: Windows MSU Patch
  hosts: windows
  gather_facts: no
  user: vagrant
  tasks:
    - name: create directory
      win_file:
        path: C:\Temp
        state: directory
    - name: file copy
      win_copy:
        src: /home/ansible/lab/windows10.0-kbxxxxx-x86_xxxxxxxxxxxxxxx.msu
        dest: C:\Temp\windows_patch.msu
    - name: Windows Hotfix
      win_hotfix:
        source: C:\Temp\windows_patch.msu
        state: present
      register: hotfix_install   # exposes hotfix_install.reboot_required for the reboot step
    - win_reboot:..
```
ThreatResponse, which provides an open-source incident-response toolkit (a free open-source security suite for hardening and responding in AWS): https://www.threatresponse.cloud/ https://github.com/ThreatResponse
Ansible can collect host information in CMDB form:

```
$ pip install ansible-cmdb
$ mkdir out
$ ansible -m setup --tree out/ all
$ ansible-cmdb out/ > overview.html
```

Open overview.html locally, or copy it into a web server's document directory to view it remotely. Keep in mind that the report, and the raw facts under out/, hold hostnames, addresses, OS and package versions and the environment variables of every host, so put it behind authentication rather than in an open directory.
```yaml
---
- name: Defender Pattern Update
  hosts: windows
  gather_facts: no
  tasks:
    - name: create directory
      win_file:
        path: C:\Temp
        state: directory
    - name: file copy
      win_copy:
        src: /home/ansible/lab/mpam-fe.exe
        dest: C:\Temp\mpam-fe.exe
    - name: Install Remote patch
      raw: 'C:\Temp\mpam-fe.exe'   # runs the copied binary as-is; win_command is the idiomatic module for this
    - name: windows_reboot
      win_reboot:
    - name: file delete
      win_file:
        path: C:\Temp\mpam-fe.exe
        state: absent
```
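The MSU patch play and the Defender definition play above share one pattern: copy a binary to C:\Temp, execute it as SYSTEM, reboot. What a practitioner would want in both is a check that the file that landed on the target is the file that was meant to run, a reboot only when the hotfix actually asks for one (definition updates do not need one), and confirmation that the update took effect. The play below is an added example (mine, not the blog's) that does this for both files in one run. The source paths and the two sha256 values are placeholders: record the real hashes when you download the files (the Microsoft Update Catalog publishes them for each .msu).

```yaml
# Added example, not the blog's own play: the copy-run-reboot pattern of the
# MSU and Defender plays with hash pinning, a conditional reboot and a post-check.
# Placeholders/assumptions: the src paths and both sha256 values.
---
- name: Verified Windows patch and Defender definition update
  hosts: windows
  gather_facts: no
  vars:
    staging_dir: C:\Temp
    artifacts:
      - src: /home/ansible/lab/windows_patch.msu   # assumed path
        dest: C:\Temp\windows_patch.msu
        sha256: "0000000000000000000000000000000000000000000000000000000000000000"   # placeholder, take from Update Catalog
      - src: /home/ansible/lab/mpam-fe.exe         # assumed path
        dest: C:\Temp\mpam-fe.exe
        sha256: "1111111111111111111111111111111111111111111111111111111111111111"   # placeholder, record at download time
  tasks:
    - name: Create staging directory
      win_file:
        path: "{{ staging_dir }}"
        state: directory

    - name: Copy artifacts
      win_copy:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
      loop: "{{ artifacts }}"
      loop_control:
        label: "{{ item.dest }}"

    - name: Hash what actually landed on the target
      win_stat:
        path: "{{ item.dest }}"
        get_checksum: yes
        checksum_algorithm: sha256
      loop: "{{ artifacts }}"
      loop_control:
        label: "{{ item.dest }}"
      register: staged

    - name: Stop before executing anything whose hash does not match the pinned value
      assert:
        that: item.stat.checksum | lower == item.item.sha256 | lower
        fail_msg: "{{ item.item.dest }}: got {{ item.stat.checksum }}, expected {{ item.item.sha256 }}"
      loop: "{{ staged.results }}"
      loop_control:
        label: "{{ item.item.dest }}"

    - name: Install the hotfix
      win_hotfix:
        source: C:\Temp\windows_patch.msu
        state: present
      register: hotfix_install

    - name: Apply Defender definitions (silent; a definition update needs no reboot)
      win_command: C:\Temp\mpam-fe.exe
      register: defender_update
      changed_when: defender_update.rc == 0

    - name: Reboot only when the hotfix reports it is required
      win_reboot:
      when: hotfix_install.reboot_required

    - name: Confirm Defender picked up the new signatures
      win_shell: (Get-MpComputerStatus).AntivirusSignatureVersion
      register: sig_version
      changed_when: false

    - debug:
        msg: "Defender signature version now {{ sig_version.stdout | trim }}"

    - name: Remove staged installers
      win_file:
        path: "{{ item.dest }}"
        state: absent
      loop: "{{ artifacts }}"
      loop_control:
        label: "{{ item.dest }}"
```

Hashing on the target (win_stat) rather than on the controller is deliberate: it is the copy that gets executed that must match, so a corrupted or swapped file in C:\Temp is caught even if the controller-side copy was fine.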